Search Results (79 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0524 11 Apple, Cisco, Hp and 8 more 14 Mac Os X, Macos, Ios and 11 more 2026-05-28 4 Medium
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2007-5762 1 Novell 1 Netware Client 2026-04-23 N/A
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
CVE-2006-6675 1 Novell 2 Apache Http Server, Netware 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app.
CVE-2007-3571 1 Novell 2 Groupwise, Netware 2026-04-23 N/A
The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
CVE-2008-5696 1 Novell 1 Netware 2026-04-23 N/A
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
CVE-2009-0714 5 Hp, Microsoft, Novell and 2 more 5 Data Protector Express, Windows, Netware and 2 more 2026-04-23 N/A
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
CVE-2010-0317 1 Novell 1 Netware 2026-04-23 N/A
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.
CVE-2006-5854 1 Novell 1 Netware Client 2026-04-23 N/A
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
CVE-2006-2185 1 Novell 1 Netware 2026-04-16 N/A
PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.
CVE-1999-0929 1 Novell 2 Http Server, Netware 2026-04-16 N/A
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
CVE-2000-0669 1 Novell 1 Netware 2026-04-16 N/A
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
CVE-2006-0999 1 Novell 2 Netware, Open Enterprise Server 2026-04-16 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
CVE-2002-1772 1 Novell 1 Netware 2026-04-16 N/A
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
CVE-2002-2083 1 Novell 1 Netware 2026-04-16 N/A
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.
CVE-1999-1215 1 Novell 1 Netware 2026-04-16 N/A
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
CVE-2000-0600 2 Netscape, Novell 2 Enterprise Server, Netware 2026-04-16 N/A
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
CVE-2002-1436 1 Novell 1 Netware 2026-04-16 N/A
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
CVE-1999-1086 1 Novell 1 Netware 2026-04-16 N/A
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
CVE-1999-0470 1 Novell 1 Netware 2026-04-16 N/A
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
CVE-2002-0929 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.